Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/b597c4-6a32-4008-b2ee-2da625eb7242/1/C04Ex8MFwb_b37BJ27Us3uz1VFM.roa
File: C04Ex8MFwb_b37BJ27Us3uz1VFM.roa (raw, json)
Hash identifier: j80XZCDPI5r6X8ALb7BebRUyWZl8iIEgKbuZ0obNvww=
Subject key identifier: 0B:4E:04:C7:C3:05:C1:BF:DB:DF:B0:49:DB:B5:2C:DE:EC:F5:54:53
Certificate issuer: /CN=0024b1f1359110bff991e9ac6f51469fdcb487af
Certificate serial: 0183CDC7F3915AA40BCBB9B62943858B11CF
Authority key identifier: 00:24:B1:F1:35:91:10:BF:F9:91:E9:AC:6F:51:46:9F:DC:B4:87:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ACSx8TWREL_5kemsb1FGn9y0h68.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/b597c4-6a32-4008-b2ee-2da625eb7242/1/C04Ex8MFwb_b37BJ27Us3uz1VFM.roa
Signing time: Wed 12 Oct 2022 19:59:36 +0000
ROA not before: Wed 12 Oct 2022 19:59:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47894
IP address blocks: 94.103.33.0/24 maxlen: 24
94.103.35.0/24 maxlen: 24
94.103.32.0/24 maxlen: 24
94.103.34.0/24 maxlen: 24
94.103.44.0/24 maxlen: 24
94.103.46.0/24 maxlen: 24
94.103.45.0/24 maxlen: 24
94.103.47.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:cd:c7:f3:91:5a:a4:0b:cb:b9:b6:29:43:85:8b:11:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0024b1f1359110bff991e9ac6f51469fdcb487af
Validity
Not Before: Oct 12 19:59:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0b4e04c7c305c1bfdbdfb049dbb52cdeecf55453
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:ff:94:7a:e3:75:28:03:29:7b:1d:f8:10:7e:
f4:54:44:67:48:f3:c4:3c:aa:43:1b:6b:78:26:31:
bf:b1:6d:3b:1f:46:47:23:c1:53:90:df:69:ba:5d:
60:05:3c:38:e7:49:e6:91:ba:44:23:53:c5:fa:7f:
12:f2:e6:cb:a0:c7:e5:1f:e9:cf:c3:9c:fb:c1:85:
84:01:54:ea:41:cd:7f:34:c9:4d:7f:17:ec:ea:08:
17:6b:4e:42:6f:2f:20:90:3c:0c:20:15:62:48:b4:
df:97:c6:f4:59:44:6e:2b:a8:85:8b:5f:96:54:6d:
6f:1f:a4:6d:72:55:3b:1b:8b:c1:23:7f:74:9b:ca:
6f:51:42:5c:6d:02:80:b2:92:e0:e4:8e:64:d0:9c:
e4:ae:10:28:55:ec:ea:48:b2:dc:64:04:da:50:25:
8b:63:fc:6b:82:a0:ce:f5:8d:74:80:cc:1c:f7:10:
a7:52:93:ca:87:4b:e4:04:b1:43:10:61:f6:04:4b:
ec:1f:50:75:b6:f2:2a:1d:ef:af:30:f1:53:e7:d3:
2c:b2:cb:83:60:58:78:40:87:1c:04:9f:a4:75:64:
d7:7e:f3:d3:82:93:04:c4:32:3f:80:50:05:39:ff:
62:a6:ee:83:0e:fb:b8:cf:28:41:7e:44:dd:0d:57:
40:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:4E:04:C7:C3:05:C1:BF:DB:DF:B0:49:DB:B5:2C:DE:EC:F5:54:53
X509v3 Authority Key Identifier:
keyid:00:24:B1:F1:35:91:10:BF:F9:91:E9:AC:6F:51:46:9F:DC:B4:87:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ACSx8TWREL_5kemsb1FGn9y0h68.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/b597c4-6a32-4008-b2ee-2da625eb7242/1/C04Ex8MFwb_b37BJ27Us3uz1VFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/b597c4-6a32-4008-b2ee-2da625eb7242/1/ACSx8TWREL_5kemsb1FGn9y0h68.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.103.32.0/22
94.103.44.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:8e:b3:5c:25:54:c9:3e:10:ec:78:ce:be:f9:a1:72:9e:2d:
32:3d:cc:49:ca:b3:8c:e3:85:8e:1d:e2:93:0d:bc:b6:81:3c:
61:96:e5:05:b2:05:b9:f0:3b:88:3e:f9:e0:ee:63:e7:b1:c4:
fb:b9:ff:81:0f:53:0c:86:92:8a:4a:a8:13:23:40:be:9d:28:
e2:44:22:ae:67:c6:ba:17:2c:a3:cd:41:4f:a2:af:40:fd:d4:
2d:e8:6c:20:3e:99:68:1b:7b:0d:5d:83:3c:b1:00:bd:ae:96:
5e:25:a2:1f:1d:46:4b:1f:b3:e3:de:20:bf:bb:54:55:75:ff:
5d:b9:4b:5b:a9:06:cd:54:44:f3:ef:12:c9:dc:25:1a:49:8b:
bf:ac:46:61:4a:d6:2a:18:b2:21:35:04:a1:8e:76:8f:d2:a3:
5c:6e:dc:05:fb:11:5b:0e:92:8a:bc:f4:df:bb:4e:c0:38:67:
c3:6d:d5:30:72:80:cf:e3:e7:be:bb:fd:85:3a:91:05:82:85:
7c:8e:ea:60:e8:4b:35:a3:8e:a5:67:fe:b9:db:51:c1:3c:ae:
10:65:2f:9e:2f:8c:b5:dd:98:2f:eb:d5:6a:79:00:c8:d1:2d:
77:b3:45:c2:21:45:a0:21:3b:98:97:64:5f:c8:81:d4:6c:77:
a0:5e:b6:b5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYPNx/ORWqQLy7m2KUOFixHPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMjRiMWYxMzU5MTEwYmZmOTkxZTlhYzZmNTE0NjlmZGNi
NDg3YWYwHhcNMjIxMDEyMTk1OTM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjRlMDRjN2MzMDVjMWJmZGJkZmIwNDlkYmI1MmNkZWVjZjU1NDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlP+UeuN1KAMpex34EH70VERnSPPE
PKpDG2t4JjG/sW07H0ZHI8FTkN9pul1gBTw450nmkbpEI1PF+n8S8ubLoMflH+nP
w5z7wYWEAVTqQc1/NMlNfxfs6ggXa05Cby8gkDwMIBViSLTfl8b0WURuK6iFi1+W
VG1vH6RtclU7G4vBI390m8pvUUJcbQKAspLg5I5k0JzkrhAoVezqSLLcZATaUCWL
Y/xrgqDO9Y10gMwc9xCnUpPKh0vkBLFDEGH2BEvsH1B1tvIqHe+vMPFT59MsssuD
YFh4QIccBJ+kdWTXfvPTgpMExDI/gFAFOf9ipu6DDvu4zyhBfkTdDVdABwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAtOBMfDBcG/29+wSdu1LN7s9VRTMB8GA1UdIwQY
MBaAFAAksfE1kRC/+ZHprG9RRp/ctIevMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUNTeDhUV1JFTF81a2Vtc2IxRkduOXkwaDY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9iNTk3YzQtNmEzMi00MDA4LWIyZWUt
MmRhNjI1ZWI3MjQyLzEvQzA0RXg4TUZ3Yl9iMzdCSjI3VXMzdXoxVkZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9iNTk3YzQtNmEzMi00MDA4LWIyZWUtMmRhNjI1ZWI3MjQy
LzEvQUNTeDhUV1JFTF81a2Vtc2IxRkduOXkwaDY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCXmcgAwQC
XmcsMA0GCSqGSIb3DQEBCwUAA4IBAQBfjrNcJVTJPhDseM6++aFyni0yPcxJyrOM
44WOHeKTDby2gTxhluUFsgW58DuIPvng7mPnscT7uf+BD1MMhpKKSqgTI0C+nSji
RCKuZ8a6FyyjzUFPoq9A/dQt6GwgPploG3sNXYM8sQC9rpZeJaIfHUZLH7Pj3iC/
u1RVdf9duUtbqQbNVETz7xLJ3CUaSYu/rEZhStYqGLIhNQShjnaP0qNcbtwF+xFb
DpKKvPTfu07AOGfDbdUwcoDP4+e+u/2FOpEFgoV8jupg6Es1o46lZ/6521HBPK4Q
ZS+eL4y13Zgv69VqeQDI0S13s0XCIUWgITuYl2RfyIHUbHegXra1
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:22 2023 by rpki-client on console-ams.rpki-client.org